<?php

	//getUser.php
	//Function used to retrieve User and Address information stored within the database.
	//Original Creator: Rowan Spence
	
	//Includes exectureQuery.php to assure Database Connection and SQL Execution
	include "executeQuery.php";
	
	//Retrieves variables from ActionScript forms
	$userID = $_REQUEST['userID'];
	$userPassword = $_REQUEST['userPassword'];
	$userFirstName = $_REQUEST['userFirstName'];
	$userLastName = $_REQUEST['userLastName'];
	$userEmail = $_REQUEST['userEmail'];
	$userDOB = $_REQUEST['Day'] . "-" . $_REQUEST['Month'] . "-" . $_REQUEST['Year'];
	$addressUserID = userID;
	$addressType = $_REQUEST['addressType'];
	$addressStreetNumber = $_REQUEST['addressStreetNumber'];
	$addressStreetName = $_REQUEST['addressStreetName'];
	$addressTown = $_REQUEST['addressTown'];
	$addressPostCode = $_REQUEST['addressPostCode'];
	$addressState = $_REQUEST['addressState'];	
	
	echo getUser($userID, $userPassword);
	
	function getUser($userID, $userPassword)
	{
		//Basic query to collect all data that has the ID productID
		$passQuery = "SELECT `userPassword` FROM `tblUsers` WHERE `userID` = '" . $userID . "'";
        $passResults = executeQuery($passQuery);
		$passArray = mysql_fetch_array($passResults);

		//If Statement used to check if the correct password was supplied, if not, then produce an error message
		if ($passArray['userPassword'] != md5($userPassword) || $passArray['userPassword'] == NULL) {
			echo "Invalid username or password\n";
			return NULL;
		}
		else {
			
			//Query that returns all of the User information
			$userQuery = "SELECT * FROM `tblUsers` WHERE `userID` = '" . $userID . "'";
			$userResults = executeQuery($userQuery);
			$userArray = mysql_fetch_array($userResults);
			
			//Query that returns all of the User's Address information
			$userAddressQuery = "SELECT * FROM `tblAddresses` WHERE `addressUserID` = '" . $addressUserID . "'";
			$userAddressResults = executeQuery($userAddressQuery);
			$userAddressArray = mysql_fetch_array($userAddressResults);
						
			//Sets the data retrieved from the Query into an XML format to be read by ActionScript
			$userXML = "<user>"
					. "\n<userID>" . $userArray['userID'] . "</userID>"
					. "\n<userFirstName>" . $userArray['userFirstName'] . "</userFirstName>"
					. "\n<userLastName>" . $userArray['userLastName'] . "</userLastName>"
					. "\n<userEmail>" . $userArray['userEmail'] . "</userEmail>"
					. "\n<userDOB>" . $userArray['userDOB'] . "</userDOB>"
					. "\n<addressType>" . $userAddressArray['addressType'] . "</addressType>"
					. "\n<addressStreetNumber>" . $userAddressArray['addressStreetNumber'] . "</addressStreetNumber>"
					. "\n<addressStreetName>" . $userAddressArray['addressStreetName'] . "</addressStreetName>"
					. "\n<addressTown>" . $userAddressArray['addressTown'] . "</addressTown>"
					. "\n<addressPostCode>" . $userAddressArray['addressPostCode'] . "</adressPostCode>"
					. "\n<addressState>" . $userAddressArray['addressState'] . "</addressState>"
					. "\n</user>";
			return $userXML;
		}
	}
	
?>
